CVE-2015-8098

Name of the Vulnerable Software and Affected Versions F5 BIG-IP APM versions 11.4.1 through 11.4.1 HF8 F5 BIG-IP APM versions 11.5.x through 11.5.2 F5 BIG-IP APM versions 11.6.0 through 11.6.0 HF3

Description The issue is caused by a buffer overflow in the BIG-IP Access Policy Manager, which can be exploited by a remote attacker to cause a denial of service or execute arbitrary code. This can happen when the system processes a Citrix Remote Desktop connection through a virtual server configured with a remote desktop profile.

Recommendations For F5 BIG-IP APM version 11.4.1, update to version 11.4.1 HF9 or later. For F5 BIG-IP APM versions 11.5.x, update to version 11.5.3 or later. For F5 BIG-IP APM version 11.6.0, update to version 11.6.0 HF4 or later.